newsletter

GCX Announces Deployment of Cumulous Network to Boost

Connectivity Across the Indian Subcontinent

Sparkle and GCX Enhance Partnership with New International Routes

RCOM Signs Binding Agreements with Brookfield Infrastructure and its Institutional Partners

for Sale of its Towers Business

QUARTERLYREVIEWJANUARY - MARCH 2017

RIDING THE CYBER-ATTACK “TSUNAMI”

MESSAGE FROM

BILL BARNEYCo-CEO, Reliance CommunicationsChairman & CEO, Global Cloud Xchange

Happy New Year and best wishes for a healthy and prosperous 2017!

2016 has been an interesting year which saw Internet security and cyber-attacks making headline news with massive Distributed Denial of Service (DDoS) attacks, taking down social media networks, Cloud Service Providers and even leading Internet security websites. The complexity, sophistication and frequency of cyber-attacks are evolving at an alarming rate, while the cost of launching an attack remains staggeringly low in comparison to the damage they can cause. This is all happening as the ultimate flexibility and transformational benefits of “Cloud” services are growing exponentially. In this issue of RCOM/GCX Quarterly Review, our cover story examines the cyber threat landscape and the approach to an effective risk mitigation strategy in today’s Cloud-connected world (see cover story, page 6).

As India and the Emerging Markets continue to keep pace with unprecedented growth, we recently announced the deployment of the RCOM/GCX Cumulous Network, a major step forward in provisioning next generation connectivity services to support digital transformation. The new network will boost connectivity in the seven Capital cities across the Indian subcontinent while providing connectivity between international gateways in Chennai and Mumbai (page 2).

In addition to further enhancing our presence across Asia and Europe, GCX and Sparkle recently announced the enhancement of our partnership with new international routes (page 3).

We hope you enjoy this edition of RCOM/GCX Quarterly Review. As always, we look forward to hearing from you on how we can better serve your network requirements.

I hope to catch up with many of you at PTC’17 and other events this quarter.

Best regards,

Bill

CONTENTS RCOM/GCX QUARTERLY REVIEW

DISCLAIMER

Executive Editor: Lorain Wong

Editor: Genevieve Li

Cover Story: Neil Kelsall Sujit Panda

Creative Director: Roger M. Proeis

Design: Aaron Chan Celia Lee

Production: Jennifer Bao

Quarterly Review is published quarterly by Global Cloud Xchange.

Please email your feedback and suggestions to [email protected]

For additional information on RCOM & GCX, please visit our website: rcom.co.in | globalcloudxchange.com

© 2017 Global Cloud Xchange All rights reserved

Quarterly Newsletter | January - March 2017

NEWS PAGE 2-5

COVER STORY PAGE 6-12

PRODUCT UPDATE PAGE 14

EVENTS PAGE 15-16

GCX ANNOUNCES DEPLOYMENT OF CUMULOUS NETWORK TO BOOST CONNECTIVITY

ACROSS THE INDIAN SUBCONTINENT

2

NEWS Quarterly Newsletter | January - March 2017

rcom.co.in globalcloudxchange.comrcom.co.in globalcloudxchange.com

Delivery of this new infrastructure marks a major step forward in provisioning next generation connectivity services to support digital transformation and economic growth across India and the emerging markets.

GCX announced the deployment of its Cumulous Network, which will boost connectivity in the seven Indian Capital cities across the Indian subcontinent while providing connectivity between international gateways in Chennai and Mumbai.

“Chennai and Mumbai are both powerhouse cities and gateways for the major tech and financial institutions doing business across the Indian subcontinent,” said Bill Barney, Co-CEO, Reliance Communications and

Chairman & CEO, GCX. “The new Cumulous Network will complement our digital backbone as we complete deployment of our Cloud infrastructure across India.”

Based on current 100G technology, GCX will be able to deliver significant capacity across this important Indian subcontinent route with the ability to further upgrade in the future in alignment with technological advancements and market demand. The new network will interconnect with RCOM’s established network of data centers,

connected by India's largest terrestrial fiber network which connects seamlessly into GCX’s global subsea infrastructure.

“The new Cumulous Network will be a vital backbone to meet soaring demands of new applications such as the company’s new initiatives in the Internet of Things, the deployment of Cloud infrastructure, as well as, the continued expansion of enterprise franchise in India,” said Wilfred Kwan, Chief Operation Officer, Reliance Communications (Enterprise) and GCX.

3NEWS

Sparkle and GCX recently announced further enhancement of their partnership. Sparkle will acquire a significant spectrum capacity across GCX’s Flag Atlantic (FA-1) system and at the same time the two parties will close a strategic capacity deal on the new

Europe-to-Asia system, SEAMEWE-5, to support GCX’s growing market requirements.

Sparkle and GCX are also exploring additional areas of cooperation into markets across South America, as well as, the Middle East and Asia Pacific leveraging on Sparkle’s Sicily Hub, rapidly growing into a major ecosystem in Europe.

“Earlier this year we expanded our reach into Sparkle’s Sicily Hub in Palermo with a multi-service PoP, providing enhanced coverage and increased diversity options to meet the growing demand for high performance, low-latency connectivity across Africa, the Mediterranean and the emerging markets,” said Bill Barney, Co-CEO, Reliance Communications and Global Cloud Xchange. “We are pleased to further expand our partnership with Sparkle across the strategic Atlantic route and into Asia Pacific.”

“Through our partnership with GCX we will significantly enhance our spectrum capacity and continue our strategic global backbone expansion plans. This partnership further leverages both

companies’ European and American assets, including 100Gbps IP Transit connectivity, improving our ability to meet growing market demands,” said Alessandro Talotta, Chairman & CEO, Sparkle.

Located closer than any other European peering point to North Africa, the Mediterranean and the Middle East offering up to 35ms reduced latency versus northern continental locations, Sparkle’s Sicily Hub is served by Seabone, Sparkle’s Tier 1- Global IP Transit service and its connected to an ecosystem of 19 major international submarine cable systems landing in Sicily.

In addition, through the presence of DE-CIX’s IX platform and of major content providers, Sicily Hub allows carriers that land their IP backbones in Sicily to directly interconnect with each other and easily access global content with the best quality.

SPARKLE AND GCX ENHANCE PARTNERSHIP WITH NEW INTERNATIONAL ROUTES

ENTERPRISES ARE ACTIVELY SEEKING ALTERNATIVE CLOUD CONNECTIVITY MEANS IN ORDER TO BOOST

THEIR DIGITAL FOOTPRINT, SAYS GCX AND AEGIS DATAAs we enter 2017, digital transformation continues to be at the forefront of business strategy. In fact, Cloud is readily seen as the enabler behind digital transformation as firms look to connect the dots between people, information and systems, but this is often hampered by poor connectivity. Hence, enterprises are seeking to address this by sourcing alternative Cloud connectivity solutions that offer more consistent and reliable performance than the public Internet.

Research from the Cloud Industry Forum (CIF) indicates that digital transformation is becoming a critical conversation within the boardrooms of enterprises. Data surveying 250 senior IT and business decision-makers polled, revealed that 71 percent of firms either already have a strategy in place or are in the process of implementing one. Further evidence to support this comes from analyst house IDC, which also revealed that by the end of 2017, two-thirds of CEOs from Global 2000 companies would have digital transformation at the center of their corporate strategy.

One of the chief beneficiaries from those embracing digital transformation will undoubtedly be the Cloud computing providers. Increasingly, mission critical applications such as virtual desktops and customer relationship management (CRM), are migrating to the Cloud, alongside big data and Internet of Things (IoT) business processes.

While the infrastructure of the public Cloud environment is in place to support firms, the struggle faced in unlocking its true potential comes from the connectivity itself. According to Mark Russell, President of Europe, GCX, digital technologies are radically transforming the business arena and Cloud is the enabler which is allowing this to happen. Increasingly, more and more businesses are migrating critical applications into large-scale public Clouds, where they are able to reap the benefits of a more cost-effective and flexible IT infrastructure. But what those firms often don’t realize is while these Cloud infrastructures are structurally sound,

they are often let down by the connectivity provided into them via the public Internet.

“The Internet is first and foremost a best efforts network. While an organization might not feel the effects in accessing applications locally, the strain becomes a lot more noticeable as the network distance lengthens between application and user; some applications are simply too performance-sensitive. For an organization looking to globalize their offering or wanting to provide access into critical applications in different continents, the challenges of the public Internet’s variable consistencies can hinder application performance to the point they become unusable. Add onto this security threats like recent headline-grabbing DDoS attacks, and it is easy to see why concerns surrounding connectivity exists.”

Russell concluded, increasingly, we are seeing companies looking for Cloud connectivity alternatives that offer greater consistency than is available over the public Internet. By connecting their Cloud to their corporate private Multiprotocol Label Switching (MPLS) network using interconnection “bridges” like CLOUD X Fusion from GCX, many of these concerns can be mitigated.

“Unlike the public Internet, MPLS provides private connectivity into large-scale public Clouds, guaranteeing the user quality-of-service, prioritization and service level agreements between two key points including public Cloud environments. Ultimately, this allows an organization to access applications faster, more securely and more cost effectively.”

Greg McCulloch, CEO of Aegis Data says that the increasingly diverse nature of Aegis’ customer portfolio is driving demand for faster and more secure connectivity into key public Cloud environments, and our partnership with GCX significantly enables this.

“Today, colocation facilities are becoming increasingly critical in not only hosting Cloud environments, but also providing the necessary access and connectivity into those platforms. For a lot of data center providers meeting the requirements for this can represent a challenge. Connectivity is often through the public Internet, which can cause performance to lag especially when you’re looking to access applications in different regions. For a number of organizations this can be hugely frustrating, especially when demands for increased speed and flexibility are only becoming more intense. This is something we have looked to address through our relationship with GCX."

“Our partnership means our customers are able to benefit from having a point-of-presence into a secure, private network, which in turn provides access into some of the biggest Cloud environments, including the likes of Microsoft Azure and AWS. By accessing these Cloud, our customers can be confident they are achieving the maximum from their connectivity in terms of performance, cost and security. The reality is as more and more organizations start to address their digital strategy, we can expect to see connectivity become a key component in this conversation.”

4

NEWS Quarterly Newsletter | January - March 2017

rcom.co.in globalcloudxchange.com

RELIANCE COMMUNICATIONS SIGNS BINDING AGREEMENTS WITH BROOKFIELD INFRASTRUCTURE

AND ITS INSTITUTIONAL PARTNERS FOR SALE OF ITS TOWERS BUSINESS

On 21 December 2016 Reliance Communications Ltd. (RCOM) announced the signing of binding agreements with Brookfield Infrastructure in relation to the acquisition of RCOM’s nationwide tower assets by affiliates of Brookfield Infrastructure Partners LP (NYSE: BIP; TSX: BIP.UN) and its institutional partners.

RCOM will receive an upfront cash payment of Rs. 11,000 crore (US$ 1.6 billion) on completion of the transaction.

RCOM will also receive Class B non-voting shares in the new Tower company, providing 49% future economic upside in the Towers business, based on certain conditions. RCOM expects significant future value creation from the B Class shares, based on growth in tenancies arising from increasing 4G rollout by all telecom operators and fast accelerating data consumption. The transaction will represent the largest ever investment by any overseas financial investor in the infrastructure sector in India, and is a strong reflection of the confidence of the international investment community in the long term growth potential of the Indian economy.

RCOM’s telecom towers will be demerged into a separate new Company that will be 100% owned and independently managed by Brookfield Infrastructure, thereby creating the second largest independent and operator-neutral Towers company in India.

RCOM will enjoy certain information and other rights, but will not be involved directly or indirectly in the management and operations of the new Company.

RCOM and Reliance Jio will continue as major long term tenants of the new Tower company, along with other existing third party telecom operators.

RCOM will utilize the upfront cash payment of Rs. 11,000 crore (US$ 1.6 billion) solely to reduce its debt. The already announced combination of RCOM’s wireless business with Aircel, and the monetization of the Tower business, will together reduce RCOM’s overall debt by Rs. 31,000 crore (US$ 4.6 billion), or nearly 70% of existing debt.

RCOM will continue to hold 50% stake in the wireless business combination with Aircel and the 49% future economic upside in the towers business, and will monetise these valuable assets at an appropriate time in the future to further substantially reduce its overall debt.

The implementation of the spectrum trading and sharing arrangements with Reliance Jio to secure a nationwide 4G footprint with the deepest penetration and the most efficient 850 MHz band spectrum; the merger of the Indian telecom business of Sistema Shyam Telecom Ltd.; the combination of the wireless business with Aircel to derive operational and revenue synergies and achieve further industry consolidation; and the monetisation of the towers business in this transaction with Brookfield Infrastructure, are all important milestones in RCOM’s deleveraging and asset light strategy for future growth.

The transaction is subject to applicable approvals, including inter alia, shareholder and regulatory approvals, lenders’ consents, etc.

Ambit, SBI Capital Markets and UBS Securities India are acting as financial advisers and Herbert Smith Freehills LLP and JSA Law are acting as legal advisers to RCOM for the transaction.

5NEWS

COVER STORY Quarterly Newsletter | January - March 2017

6 rcom.co.in globalcloudxchange.com

RIDING THE CYBER-ATTACK

“TSUNAMI”

Internet security and cyber-attacks continue to make front page news with massive Distributed Denial of Service (DDoS) attacks taking down social media networks, Cloud Service Providers and even leading Internet security websites. The complexity, sophistication and frequency of cyber-attacks are evolving at an alarming rate, while the cost of launching an attack remains staggeringly low in comparison to the damage they can cause. The public nature of the Internet adds to the vulnerability of Cloud-based enterprise applications.

With the Internet of Things seeing literally millions of cameras, sensors and barely-protected devices brought online every month, the potential “attack surface” is growing exponentially. Some estimates put the expected total number of “things” connected to the Internet by the end of 2020 to be between 26 billion and 30 billion.

At the same time, the ultimate flexibility and transformational benefits of “Cloud” services see Cloud usage grow inexorably. Cisco predicts annual global Cloud IP traffic will reach 8.6

Zettabytes by the end of 2019. So is that a lot? Well if 1 Zettabyte is equal to 1 million petabytes, and 1 petabyte equals 1 million gigabytes, then 8.6 Zettabytes equals more then 8½ trillion gigabytes of traffic flowing in and out of Clouds by the end of 2019. And of this, Cisco predicts 56% (or just under 5 trillion gigabytes) will be traffic related to workloads and applications residing in public Clouds.

In short, there’s an awful lot of Cloud-bound Internet traffic and Internet-facing applications for the maliciously-motivated cybercriminal to potentially target and attack, via an almost unfathomable number of sources.

So what does that mean for enterprises that are increasingly migrating business-critical applications and business processes to “the Cloud”?

MORE DANGER AHEADCyber-attackers use a range of methods to cause disruption and damage to Internet-based services, that can lead to catastrophic events ranging from stolen funds, customer data, and intellectual property. Even the most sophisticated Web and Cloud services can simply grind to a halt if targeted.

7COVER STORY

THE RISE OF DDoSRecent high profile attacks (like that experienced by a leading DNS provider in late October 2016) have been based upon volumetric Distributed Denial of Service, or DDoS, the primary goal of which is to saturate the connectivity of an Internet facing service (web site or Cloud platform) until traffic can no longer get through, making it impossible for legitimate traffic to reach the target. DDoS attacks have been occurring since 1988, with growing frequency, severity and consequences. The attack on this company is believed to have been the largest volumetric DDoS attack in history, with an estimated load of 1.2 terabits per second hitting its servers.

This begs the question, “how could such a massive attack be instigated and executed without detection?”

This attack was the latest in a growing number of DDoS attacks carried out using a “botnet” (also known ironically playfully as a “zombie army”), consisting of a number of Internet-connected devices that have been compromised and set-up to forward transmissions (including spam or viruses) to other devices on the Internet. But this one was different from most preceding DDoS attacks because the botnet in

this case is believed to have been made up of more than 100,000 Internet of Things devices like printers, IP cameras, home broadband routers and baby monitors, all infected with known malware (believed to be the “Mirai” botnet).

And worryingly, security experts believe this attack could actually have been much worse with the particular malware observed to have spread to more than 500,000 devices (mostly set with weak “default” or manufacturers’ passwords, thereby making them easy to infect).

DDoS can be costly; a bombardment can last for hours and is easily replicated, leading to the complete shut-down of Web or Cloud services as bandwidth becomes saturated. In the case of this DNS provider, a number of huge US-based and Europe-based websites were shut down including Twitter, Pinterest, Reddit, GitHub, Etsy, Tumblr, Spotify, PayPal, Verizon, Comcast, and the Playstation network. Beyond these high profile sites, it is likely that thousands of Enterprises depending on SaaS players for their IT solutions were disrupted. Even customers accessing Internet-facing services in AWS weren’t safe with the Cloud giant reporting customers’ services and applications hosted in its East Coast US and West Europe data centers as having been impacted.

continued, page 8



US President Barack Obama speaking on Jimmy Kimmel Live commented that future Presidents face the challenge of "how do we continue to get all the benefits of being in cyberspace but protect our finances, protect our privacy. What is true is that we are all connected. We're all wired now."

Prior to the recent spate of botnet-based attacks Internet security specialist VeriSign estimated that service-denying attacks can cost an enterprise up to $300,000 per hour in lost revenue alone. And as the scale of attack grows, so will the potential cost. When critical network systems are shut down, productivity grinds to a halt and even the biggest brands can suffer when customers can’t access a website, or worse still, become casualties of a data breach.

But it’s not only DDoS that the Cloud-adopting enterprise needs to protect against. Businesses operating over the Internet face further potential threat with the likes of Man in the Middle (MitM) attacks and Address Spoofing further compounding the risk.

For the enterprise moving or considering moving critical applications out of private data centers or private Clouds, the risk of falling victim to any of these cyber-attacks is amplified enormously. In private data centers or private Clouds, services are commonly protected via a range of expensive specialist appliances, systems and protocols arranged strategically as layers of protection at the “gateway” between the inherently secure private network (typically MPLS-based or IPSec-encrypted Internet) and the “Wild West”, the public Internet.

But order eventually came to even the Wild West, and the same can be said of the Cloud.

A MULTI-LAYERED APPROACH TO PROTECTIONIn today’s Cloud-connected world, there’s a range of methods

and techniques that can be deployed to add sophisticated protection to even the most complex of Cloud services. Dedicated and Cloud-based DDoS mitigation services, the use of Content Delivery Networks, Web Application Firewalls (WAFs), Cloud-based Anti-Virus systems, and Application Delivery Controllers all add layer upon layer of protection.

“Even without considering complex and sophisticated appliances or Cloud-based security services, there are ways to reduce the risk of cyber-attack for any application or service that need not be public-facing despite being virtualized on a public Cloud platform, for example a corporate intranet site or ERP platform,” said Braham Singh, SVP, Global Product Management at Reliance Communications (Enterprise) and Global Cloud Xchange.

AVOIDING THE RISK FROM THE NETWORKIncreasingly, Cloud Service Providers like AWS, Microsoft Azure and Softlayer have introduced connectivity options that allow enterprises to connect their private, secure corporate networks to the CSP’s “public” Cloud. To make these inter-connections scalable, they are typically only available through large scale bandwidth options so the most common way for the enterprise to connect is via an “accredited partner” like Global Cloud Xchange through its CLOUD X Fusion offering.

The benefits of connecting to public Clouds in this way are multi-fold.

“Because the underlying corporate network technology (for example MPLS or Ethernet) is extended all the way into the Cloud data center, there are inherent network performance benefits like Round Trip Delay (RTD) predictability, Quality of Service (QoS) and even Service Level Agreements (SLAs) to better guarantee the end-to-end performance of a Cloud application across the network,” Singh added.

Outage Map during the October DDoS Attack showing the physical location

of effected services

(Source:downdetector.com)

continued from page 7

COVER STORY 9

“... there are ways to reduce the risk of cyber-attack for any application or service that need not be public-facing despite being virtualized on a public Cloud platform...”

Braham Singh, SVP, Global Product Management, RCOM (Enterprise) & GCX

Accessing Cloud services via private MPLS connectivity services also protects against some attack types as internal network addressing and infrastructure is “hidden” from the external world. It’s as if there is a firmly locked door standing between application and unauthorized users on Internet. Internal core routing information is not even disclosed within a client VPN; the only addresses visible to the Customer Edge (CE) devices are the addresses of the MPLS Provider Edge (PE) routers, not the core Provider (P) routers. Without a clear Internet-facing target, a DDoS onslaught becomes almost impossible to initiate, while the use of MPLS labelling and secure VRFs render the WAN almost impervious to Address Spoofing and MitM attacks.

So as you can see, as a “private” VPN technology, MPLS is inherently secure, offering in-built protection from cyber-attacks like DDoS and Address Spoofing. "We chose CLOUD X Fusion (from Reliance / GCX) because of the stability and security it offers in comparison to Cloud connectivity over the open Internet,” said Rohit Ambosta, CIO of Angel Broking, one of India’s leading stock broking and wealth management firms. All of this means that applications hosted in public Clouds and accessed over private networks can be protected from the majority of malicious security attacks.

And in addition, most corporate networks already have sophisticated security perimeters protecting locations and users within that perimeter, meaning these defenses can be further used to secure activity between users and applications hosted in public Cloud platforms.

With Internet usage set to grow and grow, and the Internet of Things expected to top 20 billion devices by 2020, applications and services accessible via the Internet, whether hosted on-premise or in a public Cloud platform, are open to an ever-increasing threat of malicious attack. The Internet of Things is the new frontier for botnets to launch SSDP-based (Simple Service Discovery Protocol) reflection attacks. In effect, any network-connected device with a public IP address & vulnerable operating system or improper configuration can now be used as an unwitting participant in an attack.

“We are also looking at DDoS protection to further enhance our security,” continued Ambosta. Security risk mitigation and protection strategies can be complex (and let’s face it, expensive) using layer upon sophisticated layer of appliances and services to build a defense perimeter as impermeable to attack as possible. But that should not deter enterprises from taking full advantage of the benefits offered by migrating critical applications to the Cloud. So why not exploit the inherent security of the corporate network too, by connecting public Cloud services directly and privately to the enterprise WAN?

continued, page 10



Internet and web-based services have become the lifeline for most organizations. BCG expects the Internet economy of the G-20 to reach $4.2 trillion by 2016, representing 5.3% of total GDP and growing at a healthy 12.7 % approx. DDoS is one of the most prominent threats to this ecosystem. The top verticals impacted by DDoS have been Media and Entertainment (including OTTs), Gaming, Software and Technology (including SaaS providers) and the Education verticals.

HOW TO BE PREPARED FOR FACING AN ATTACK

DDoS mitigation can be achieved through on-premise appliances or Cloud-based services. The benefit of deploying protection on-premise in close proximity to the protected applications is the ease of fine tuning for greater awareness to changes in network traffic flows in and out of the application servers, which in turn will lead to more effective detection of suspicious traffic on the application layer. However, on-premise protection cannot handle volumetric network floods

that saturate the connectivity between the application and the public Internet; by the time the DDoS attack reaches the on-premise protection, it is too late. This is where Cloud-based DDoS mitigation from a specialist connectivity provider comes into play as a Cloud-based service will effectively absorb and deflect known DDoS traffic within the provider’s network, before it reaches its target.

DDoS MITIGATION SOLUTIONS AND SERVICES

On-Premise DDoS appliance offers some protection although legitimate users’ access to services is massively impacted as

Internet link becomes flooded

Cloud-based DDoS service blocks most DDoS traffic allowing better protection and access for legitimate users


11COVER STORY 11COVER STORY

An integrated hybrid of Cloud-based DDoS service and on-premise appliance blocks all malicious traffic and enables

legitimate users to access services as normal

continued, page 12

CONTENT DELIVERY NETWORKSFor web-based applications hosting them within a Content Delivery Network (CDN) is an effective way of leveraging large-scale protection. Mass-scale CDNs offer multi-layered protection that can easily absorb 100 Gbps of attack attack traffic, maybe even more. However, enterprises do not select all objects and webpages to be served through a CDN as part of their application architecture so this protection is limited only to those addresses or ports that are. Services such as DNS, which is not routed through the CDN, and other such components not included in the CDN service remain at threat of potential attack. A CDN alone, therefore, will not provide full protection from malicious attack, but should be considered when designing a scalable threat mitigation architecture.

Applications hosted in vast commercial Content Delivery Networks (CDNs) are protected allowing legitimate user

access but CDNs are not appropriate for all services

In reality, the ideal solution is a hybrid of both approaches. It is important that the key connects to the data center have a flexible on-demand bandwidth service which can scale during an attack, while the on-premise solution should be compatible with the services from a number of Cloud-based service providers and support VeriSign OpenHybrid, Arbor Cloud Signaling Coalition (CSC) etc to integrate effectively.

Source: Akamai State of the Internet / Security Q2 2016

With the correct risk assessment and a multi-layered mitigation strategy in place, there is a good chance that the damage can be limited. In addition to private Cloud connectivity, organizations should consider the following when devising an effective risk mitigation strategy

BILL BARNEY CO-CEO, RELIANCE COMMUNICATIONSCHAIRMAN & CEO, GLOBAL CLOUD XCHANGETO KEYNOTE AT DATACLOUD ASIA 2017Capella Hotel Singapore 23 February 2017



Many of these mitigation techniques are available as a service with an overall SLA for the mitigation service rather than individual, unrelated SLAs to cover different techniques. A managed DDoS mitigation service provider such as GCX / RCOM, who understands the overall application architecture and provides a single point of contact for managing the various mitigation mechanism is best suited for the multi-vector layered threat landscape.

However, it is also important to understand that a solid architecture based on the overall design and backed by a strong underlying process is the best defense against a DDoS attack. Response tactics should change as attack volumes increase, and it is essential that there is a documented Incident Response process for ‘before’, ‘during’ and ‘after’ an attack to solidify the response.

APPLICATION DELIVERY CONTROLLERS AND GLOBAL LOAD BALANCERSLoad balancing HTTP(S) and SSL proxy to provide a single anycast IP to front-end deployed back-end instances across hosting or Cloud Service Providers adds a further line of defense. Application Delivery Controllers (ADCs) and Global Load Balancers use “spare” capacity to direct user traffic to an application or website back-end during a DDoS attack. This has the advantage of increasing the surface area to absorb an attack by moving traffic to between various Cloud or data center deployments, depending on the available capacity. ADCs also provide a secondary line of defense by leveraging TCP SYN Cookie options, basic HTTP inspection, HTTP Cookie injection and sophisticated ‘human check’ scripts.

WEB APPLICATION FIREWALLDependent upon the risk assessment and the IT architecture, a Web Application Firewall (WAF) can be used to build protection against web application level attacks to thwart not just application layer attacks but also other data breaches like session-hijacking, SQL injection and cross-site scripting (XSS), OWASP Top 10 vulnerabilities and other DDoS attacks resulting from vulnerabilities inherent in web applications.


13COVER STORY

PTC'17 15 – 18 JANUARY 2017Honolulu, Hawaii

PTC’17: Changing Realities will explore the changing realities of business, customer demands, the global economy, and the global regulatory environment to help attendees identify how these new realities will affect them and how they can chart their own paths through the dynamic changes of our industry.

GCX IS PROUD TO BE A PLATINUM SPONSOR OF PTC’17!


PRODUCT UPDATE Quarterly Newsletter | January - March 2017

NEW POPS LAUNCHED INHONG KONG AND LONDON

GCX recently introduced two new PoPs onto the GCX Global Network; Hong Kong - Equinix HK1 and London - Telehouse North.

HONG KONG - EQUINIX HK1Our new GxPoP in Equinix HK1 will support a full range of GCX products with capacities up to 100Gbps:

• Optical Wave Services

• Capacity Services

• Managed Bandwidth Services

• IPLC

• EPL

• IP Transit

• Global Ethernet

• MPLS VPN

Home to a thriving financial services ecosystem, Equinix HK1 is located midway between Hong Kong’s International Airport and the Central Business District, and connects to the GCX Global Network via diverse backhaul circuits to Hong Kong – Sino Favour PoP. Equinix HK1 is also one of the most network-dense data centers in Hong Kong making it a key interconnect and peering location for the AsiaPac region.

LONDON - TELEHOUSE NORTHOur new micro PoP in London – Telehouse North is an extension of our existing London - Telehouse East GPoP using a dark fiber pair which is terminated on a high port-capacity switch so as to connect Telehouse North to the IP Backbone router within Telehouse East. This facility will enable us to offer our IP Transit services directly to prospective customers who are already present in Telehouse North, without the need for them to pay for additional charges to connect into Telehouse East.

London – Telehouse North also supports Global Ethernet and Global Ethernet VPLS services.

EVENTS Quarterly Newsletter | January - March 2017

GCX AT AWSOME DAY EXPRESS TAIPEI21-22 NOVEMBER 2016TAIPEI

GCX was one of the lead sponsors of AWSome Day Express on 21-22 November at the GIS MOTC Convention Center in Taipei. The GCX’s booth was a hive of activity with many conference attendees stopping by to discuss CLOUD X Fusion, network connectivity and our Emerging Markets capabilities. GCX also sponsored an IPAD for the grand lucky draw at the end of the AWSome Day Express Conference.

AWSome Day is based on the AWS Essentials Course and will take participants through a step-by-step deep-dive into AWS core services such as Compute, Storage, Database and Network. At the end of the session, participants will be able to build scalable and secure applications on the AWS Cloud.

15PRODUCT UPDATE | EVENTS

GCX SHARES INSIGHTS ON DATA CENTER EVOLUTION AT SUBMARINE NETWORKS WORLD 201617-19 OCTOBER 2016SINGAPORE

GCX’s President of Asia Pacific Fabrizio Civitarese joined executives from Digital Realty, Equinix and NTT in a panel discussion “The next stage of the data center evolution” to discuss the trends in data center locations and also the evolving relationship between data center locations and submarine cable routes, in terms of planning, termination points and the backhaul network. The panel also share insights on the Challenges for new data center builds as well as better collaboration between data center operators and carriers on new projects.

Submarine Networks World is an annual conference for leaders of subsea communications to explore the strategy, innovation, technology and partnerships driving the growth of their global community.

A REGATTA FOR A GOOD CAUSE11 NOVEMBER 2016SYDNEY

GCX Australia along with GCX customers spent a day out at sea on 11 November 2016 – sailing around the Sydney Harbor to raise funds for The Sydney Children’s Hospital.

Celebrating its 22nd successive year, The Rotary Charity Regatta is an annual event hosted by the Cruising Yacht Club of Australia at Rushcutters Bay, Sydney. The Regatta raises funds for the Sydney Children's Hospital Randwick, the CYCA Safety of Lives at Sea Trust (SOLAS) and other worthy causes.

UPCOMING EVENTSNANOG 696-8 FEBRUARY 2017WASHINGTON, D.C.

DATACLOUD ASIA 201723 FEBRUARY 2017CAPELLA HOTEL, SINGAPORE

CAPACITY MIDDLE EAST7-9 MARCH 2017DUBAI

TELECOMS WORLD ASIA 201721-22 MARCH 2017BANGKOK

INTERNATIONAL TELECOMS WEEK14-17 MAY 2017 CHICAGO

GCX TAKES PART AT NANOG 68 17-19 OCTOBER 2016DALLAS

GCX AT CAPACITY EUROPE 7-9 NOVEMBER 2016PARIS

GCX (#ASN18101, #ASN15412) took part as a sponsor at NANOG 68 on 17-19 October in Dallas. The three day event was held at the Fairmont Dallas and gave GCX US team an opportunity to discuss network connectivity, IP Transit, SDWAN and our Emerging Markets capabilities to industry peers and leaders during Tuesday afternoon Break session on 18 October 2016.

The North American Network Operators Group (NANOG), is the professional association for Internet engineering, architecture and operations. NANOG's core focus is on continuous improvement of the data transmission technologies, practices, and facilities that make the Internet function. NANOG is a membership organization organized as an 501(c)3 nonprofit.

GCX took part at Capacity Europe 2016 in Paris on 7-9 November 2016, a pivotal industry platform to reaffirm and establish new business partnerships within wholesale voice, data, enterprise and mobile divisions.

The three day event gave GCX sales team an opportunity to showcase our networks solutions and CLOUD X to customers, industry peers and leaders.

GCX SPEAKS AT THE GITEX TECHNOLOGY WEEK 16-20 OCTOBER 2016DUBAI

GCX’s President of Middle East & Africa Vineet Verma joined executives from Du and AGC Networks in a panel discussion “Connectivity, Bandwidth & Networks - The Growing Challenge” on 18 October 2016, to discuss the challenges and new technologies impacting the subsea sector in a fast paced, interconnected world and how best to navigate the future.

GITEX Technology Week is the most widely recognized and annually anticipated information and communications technology (ICT) trade event across the Middle East, Africa, and South Asia. GITEX continues to identify the hottest global trends in the tech industry and integrates them into new event sectors or conference programs.

16

EVENTS Quarterly Newsletter | January - March 2017

rcom.co.in globalcloudxchange.com

OUR OFFICE LOCATIONS

ASIA-PACIFIC

INDIA

EUROPE AND MIDDLE EAST

USA

NEW DELHIThe Presidency Building,3rd Floor, Tower - B,M.G Road, Sector 14.Gurgaon 124001

SOUTH KOREASuite 2303, City Air Tower, 36, Teheran-ro, 87-gil, Gangnam-gu, Seoul (06164), Korea

SINGAPORE67 Ubi Avenue 1#06-01 North WingSingapore 408942

TAIWAN4th Floor, No.200 Section 1Keelung Road, Taipei 110Taiwan

HEAD OFFICEDhirubhai Ambani Knowledge City (DAKC)H Block, Thane Belapur Road KoparkhairaneNavi Mumbai – 400710

BANGALOREHM Towers, 4th Floor Brigade Road Junction Ashok Nagar, Above CCD Bangalore - 560025

HYDERABAD4th Floor, Plot No.38 Hi-Tech City MadhapurHyderabad 500081

MUMBAI2nd Floor South Wing Off Western Exp Highway Anand Nagar, Vakola Santacruz EastMumbai 400055

BELGIUMRegusBrussels AirportPegasuslaan 5B-1831 DiegemBelgium

EGYPTNile City Towers, North Tower, 23rd Floor Cornish El Nil, Ramlet BoulakP.O. Box 11624Cairo, Egypt

FRANCEImmeuble Le Colisée,8 avenue de l’Arche92419 Courbevoie CedexFrance

GERMANYVanco GmbHTriforum Haus A1,Frankfurter Strasse 233, 63263 Neu-IsenburgGermany

SAN BRUNO999 Bayhill DriveSuite 160San Bruno, CA 94066

DENVERSuite 2-1302000 S Colorado BlvdDenver, CO 80222

NEW YORK55 Broad St 17th floorNew York, NY 10004

RESTON12007 Sunrise Valley Dr. Ste 115, Reston, VA 20191

AUSTRALIALevel 8, 54, Miller Street, North Sydney NSW 2060Australia

CHINARoom 705, 7/F, Office Tower 2SunDongAn Plaza, No.138 WangFujing Ave, Dong Cheng DistrictBeijing 100006, China

HONG KONGSuite 3901-02, 39/FLippo Centre, Tower Two89 QueenswayHong Kong

JAPAN9F Atelier Yours Ogawamachi1-10-2 Kanda-Ogawamachi Chiyoda-ku, Tokyo 101-0052Japan

ITALYTorre TondaPlazza Don Mapelli, 120099 Sesto San Giovanni Milano, Italy

THE NETHERLANDSHerikerbergweg 292 - 342 1101 CT AmsterdamThe Netherlands

SPAINCalle Bahia Business CenterCalle Bahia de Pollensa, 528042 Madrid, Spain

SWEDENGrev Turegatan 18SE- 114 46 StockholmSweden

UNITED ARAB EMIRATES(Jebel Ali Branch) Building # ZF08Near R/A12 Jebel Ali Free Zone - North P.O. Box 30440 , Dubai U.A.E.

UNITED ARAB EMIRATES(Dubai Branch) Al Masaood Building 7th Floor, Al Maktoum Street P.O. Box 30440Dubai U.A.E.

UNITED KINGDOMSovereign Court635 Sipson Road, West DraytonMiddlesex, UB7 0JEUnited Kingdom